Resource Center
Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.
Compromising vCenter via SAML Certificates
Overview: A common attack path that Horizon3 has identified across many of its customers is abusing access to the VMware vCenter Identity Provider (IdP) certificate. Security Assertion Markup Language (SAML) has proved to be a hotbed of vulnerabilities within the last year, as well as a target of many cybercrime syndicates and APTs. In the SolarWinds attack, the attackers also...
Horizon3.ai recognized in 2021 Gartner® Hype Cycle™ for Security Operations
PRNewswire: 09/28/2021 According to this report, “Security testing, like network penetration testing and red teaming, plays an important role in an organizations’ capabilities to identify exposures, vulnerabilities and weaknesses in their defenses. Many organizations only test on an annual or ad hoc basis, rarely testing more frequently or even continuously due to the cost and lack of internal expertise.”… Read...
Vulnerable ≠ Exploitable
The hardest part of cyber security is deciding what NOT to do. Being vulnerable doesn’t mean you’re exploitable.
OMIGOD – RCE Vulnerability in Multiple Azure Linux Deployments
Overview: On September 14, multiple vulnerabilities were discovered by researchers at Wiz.io. The most critical of them is CVE-2021-38647, now dubbed OMIGOD, which affects the Open Management Infrastructure (OMI) agent in versions 1.6.8.0 and below. Azure customers affected by this vulnerability are still vulnerable and must take manual action to ensure the OMI agent is updated. For Debian systems (e.g., Ubuntu):...
Hack The Box – Jerry
The Jerry machine from the Hack The Box platform nicely illustrates the danger of weak and default credentials.
Confluence Server OGNL Injection: CVE-2021-26084
On August 25, 2021, Atlassian released a security advisory for CVE-2021-26084, an OGNL injection vulnerability found within a component of Confluence Server and Data Center. This critical vulnerability allows an unauthenticated attacker to execute arbitrary commands on the server. A few days later, on August 31, security researchers @iamnoob and @rootxharsh quickly developed a working proof of concept given the vulnerability details and by reverse engineering....